Adware vs. ad fraud

What is malvertising?

We’re on a bit of an educational push here at Malwarebytes with the aim of helping Internet users become a bit more aware of the latest tricks that criminals are using to catch you out. Hopefully, this means you will be a bit safer online.

Today’s post takes a closer look at ‘malvertising’. This was covered in a bit of detail in our previous post on Exploit Kits, but as it presents a significant threat to everyday folks, so we wanted to dig into it in a bit more detail.

What is it?

Malvertising is the name we in the security industry give to criminally-controlled adverts which intentionally infect people and businesses. These can be any ad on any site – often ones which you use as part of your everyday Internet usage. It is a growing problem, as is evidenced by a recent US Senate report, and the establishment of bodies like Trust In Ads.

Whilst the technology being used in the background is very advanced, the way it presents to the person being infected is simple. To all intents and purposes, the advert looks the same as any other, but it has been placed by a criminal.

Without your knowledge a tiny piece of code hidden deep in the advert is making your computer go to criminal servers. These then catalogue details about your computer and its location, before choosing which piece of malware to send you. This doesn’t need a new browser window and you won’t know about it.

The first sign will often be when the malware is already installed and starts threatening money for menaces, logging your bank details or any number of despicable scams.

MalvertisingInfoDraft

How do they get there?    

It’s common practice to outsource the advertising on websites to third-party specialists. These companies re-sell this space, and provide software which allows people to upload their own adverts, bidding a certain amount of money to ‘win’ the right for more people to see them.

This often provides a weak point, and cyber criminals have numerous clever ways of inserting their own malicious adverts into this self-service platform. Once loaded, all they have to do is set a price per advert, to compete with legitimate advertisers, and push it live.

Why is it a threat to me?

People nowadays are aware of practices that look or feel ‘wrong’ on the Internet, be it odd-looking links, requests to download strange programs or posts on social media which set the alarm bells ringing. The real danger with malvertising is that user judgement isn’t involved at all. People don’t have to click anything, visit a strange website or follow any links.

Rather, you go to a website you trust (like a news site or similar) and the adverts are secretly injecting criminal software onto your computer. This means infections can happen just by browsing the morning headlines, visiting your online dating profile or watching a video.

How do I stop it?

There are a few things which people can do to minimize the risk of being caught out by malvertising:

  • Those reminders to update things like browsers, flash, Java etc? Don’t ignore them.
  • Run a specialist anti-exploit technology (we provide one for free)
  • There are programs which block advertising that can help

Safe surfing and don’t get caught out!

ABOUT THE AUTHOR